The plugin currently stores the AWS Secret Key in plain text when it is written to the job configuration file. This should be encrypted to prevent unauthorized access if the file is compromised.